Tuesday, February 22, 2011

Iranian Cyber Forces uber threat

The cyber division was launched about nine months ago and it is tasked with disrupting the media world through the production and distribution of fake news and news video clips. This division is housed in a 5-story building and comprises 20 units that include 4 cyber networks, an administrative building and a number of news media and services. It operates with a budget of 100 billion Toman (about $100 million) and it is led by a person close to the leader of the Islamic republic.

The division also has 3 internet networks called "Ma" (We), "Shoma" (You) and "Paydari" (Resistance), which in its special section is active in filtering out Facebook, YouTube and Twitter and in engaging Balatarin site users in superficial discussions (Balatarin is a community site like Facebook but with an emphasis on Iranian audiences).

While providing various services to 12,000 cleric students who maintain close ties with this division, the Paydari network is busy creating a new space with fictitious names and photos of fabricated women, boys and girls on Facebook. Till now, it has created over 25,000 fake accounts on Facebook and is backing up personal information and images from other users for its subsequent manipulation.

So goes the legend of the Iranian Cyber Army in the land of Oz.

But our BSU's tracking this awesome Army found something quite different. A small group of kiddie scripters with some working SQL injections. Vastly overpaid, using their own computers with bad security and opsec, infected PCs, and access to Iranian propaganda sites. Lying to their regime masters about operations and hyping kiddie scripting like it was real hacking, and trying to earn some money on the side with simple malware.

I quote one of the English-speaking members of their team: "A group of second rate hackers collaborate with the technical office of this division and one of whose tasks is to hack sites belonging to regime opponents."

One of the members of the Great Iranian Cyber Army told us on one of our secure VPNs that "Bosses" were stupid and cheap, and about the meals with old incontinent cyber dummies listening to very bad music.

They do maintain PC security ("commercial security software") for a large group of students; even that software is warez.

They have, according to our inside informant, learned an old exploit that will work on unpatched systems and have fewer than 100,000 bots, and they lie to their handlers about everything.

They found one exploit for a well-known blog system and hit as many of them as they could before the exploit is patched.

They do have a handful of fake personalities on social media sites, and use volunteers to hand-build them. And they pass on passwords.

And they have assumed some reporters' names and use those to post propaganda and spin.

Our contact would be killed if his collaboration with us was known.

Why is he even talking to us? 'Cause we threatened to burn him if he didn't cooperate; seems the regime doesn't trust them. Regime paranoia is all-encompassing, he tells us; they suspect everybody.

Of course this post has been sanitized and cleared opsec for his protection. The Iranian cyber army is less a threat than Anonymous is, and I'm not putting Anonymous down. I might fear Anonymous under the right conditions but not the ICA.

The ICA is like Iran's nuke program: a non-starter, mostly smoke and mirrors, but struggling. Or like the Iranian Navy: small boats and rustbuckets.